Techaisle Blog

SMBs are the backbone of any economy and are crucial in driving innovation and creating jobs. Yet, when it comes to cybersecurity, they often lag behind larger enterprises, lacking the resources and expertise to defend against sophisticated cyberattacks. This is where Managed Detection and Response (MDR) emerges, offering SMBs a cost-effective and scalable solution to secure their valuable data and infrastructure.

The cybersecurity landscape is littered with threats, and small and medium-sized businesses (SMBs) are often the most vulnerable targets. According to Techaisle's research, not many SMBs are aware of Managed Detection and Response (MDR) services, a powerful tool designed to safeguard against cyberattacks. This begs the question: are SMBs missing out on a critical line of defense in today's ever-evolving digital landscape?

Awareness drives adoption

Techaisle’s SMB and Midmarket research data shows that small businesses are at a much earlier stage of their journey to MDR than their midmarket peers. Just 17% of companies with 1-99 employees report being aware of MDR, compared with 61% of core midmarket firms and 76% of upper midmarket organizations. Looking only at companies that are aware of MDR, current adoption rates mirror this pattern: 5% of small businesses that are aware of MDR are currently using these services versus 45% of core midmarket and 58% of upper midmarket organizations and virtually all companies that are aware of but not using MDR are either currently considering MDR or planning to evaluate these services within the next 12-18 months. These statistics indicate tremendous potential in each SMB segment: vendors must boost awareness of MDR’s benefits while executing an effective conversion strategy. This is especially true in small businesses – which should be an excellent fit segment for a managed service.

Selling sophisticated products to SMB customers is a significant challenge for IT vendors. This problem is especially acute with cybersecurity. Most SMB and Midmarket customer environments need defenses against many different types of threats, attackers, and threat vectors. Most SMBs lack the internal resources to understand what is required to protect against vulnerabilities and how different “shields” can be connected without leaving (or even creating) exploitable gaps in defense posture. Even the channel partners struggle to keep pace with simultaneous growth in threats and threat actors, vulnerabilities tied to in-use technologies or common business practices, and the ever-changing security vendor community.

As the market becomes flooded with specialized security solutions, an important question arises: Who can effectively integrate and manage all these different solutions? Cisco is making changes to position itself as a leading contender. As a comprehensive solution provider, Cisco can fill gaps in the cybersecurity landscape and ensure a cohesive approach to security, especially cloud security. It is building and integrating its portfolio of offerings, for example, XDR, Umbrella, Duo, Talos, many others, and now Armorblox.

As threats evolve, security efforts have shifted from solely preventing incidents to investigating them quickly and anticipating future risks. With IT environments now comprising interconnected networks, communication tools, mobile devices, cloud applications, and more, security is a top priority. Techaisle data shows that security is an IT priority for 74% of small businesses, 85% of SMBs, and 100% of midmarket firms. Endpoint security is already relatively widely adopted by SMBs. In addition, security suppliers have made headway in gaining customers for mobile hardware and access control security services. While Endpoint Detection and Response (EDR) tools are helpful, their capabilities are limited to detecting and responding to threats on endpoints and servers. Prevention remains the best approach to security, but detection is essential.

Cisco’s new XDR technology presents exciting opportunities for business growth by leveraging its vast network infrastructure and customer data to tackle security challenges. To strengthen its position in the security industry, Cisco is streamlining its go-to-market strategy and investing in partnerships to unify its cybersecurity offerings. Its partner growth strategy includes upgrading firewalls and refreshing products for existing customers, offering competitive pricing and margins to win new business, and introducing new partner offers for Security Operations Centers, such as Managed Detection and Response using Cisco XDR.

Cyberattacks targeting small and medium-sized businesses (SMBs) have increased, particularly ransomware and DDoS attacks. Implementing multi-factor authentication (MFA) safeguards employee identities and credentials. However, only 16% of SMBs and 25% of midmarket firms use MFA enterprise-wide. Similarly, only 13% of SMBs and 16% of midmarket firms have adopted single sign-on. However, the intent to adopt is significantly higher. Cisco offers MFA and single-sign-on (SSO) through its Duo offering, introducing innovations such as passwordless and risk-based authentication and Verified Duo Push. In addition, Duo has made security more accessible by integrating its Duo Trusted Endpoints capability into all service tiers, allowing users to restrict access only from corporate-managed devices or devices registered with Duo. This helps prevent unauthorized access attempts from unknown devices. In the advanced tiers, users can also assess the devices’ health before granting access and block risky or non-compliant devices, such as those running out-of-date software.

Securing endpoints and servers is essential for organizations, but cybercriminals are finding ways to bypass these measures through covert attacks. Instead of directly targeting high-value assets in data centers, they gain access through laptops and move laterally through the network. As a result, relying solely on an EDR solution or a firewall is not enough to detect and prevent cyberattacks. To fully protect IT infrastructure, it’s necessary to integrate prevention, detection, and response technologies into a single solution. This is where Extended Detection and Response (XDR) comes in, providing a comprehensive approach to security.

XDR builds upon the concept of EDR and expands its scope. It goes beyond the endpoint and server by integrating data from various security tools, including firewalls, email gateways, endpoint, network, identity, DNS, public cloud tools, and mobile threat management solutions. While it is possible to connect these components manually, a comprehensive XDR solution is designed to function as a unified system wherein components are interconnected and work together seamlessly to optimize threat detection and response workflows. Cisco's XDR solution in one such system.

Dell’s recent enhancements to its security portfolio address midmarket companies' specific security concerns and goals. Dell has significantly expanded its security portfolio with in-house capabilities and partnerships to enhance its threat protection, management, and incident response capabilities. The company’s new additions are crucial in addressing mid-market businesses' security challenges. According to Techaisle data, cybersecurity prevention investments are the highest technology priority for core and upper midmarket firms. With an average spending increase of 8.6%, 64% of midmarket firms are boosting their investments in cybersecurity solutions. The main reason for this spending increase is advanced threats and the rise of remote working, as reported by 61% of firms. In today's digital environment, cyberattacks are becoming increasingly prevalent and sophisticated, posing a threat to companies of all sizes. The traditional approach to security revolved around building higher cyber walls, hoping that no one would cross them. However, in the last ten years, attackers have found ways to breach these walls, making it necessary to have preventive strategies in place. Businesses must therefore prepare for the possibility of breaches and their potential impacts. Consequently, they must have a comprehensive security portfolio that offers end-to-end protection – from detecting and preventing threats to minimizing the damage in the event of a breach and helping users recover their data.

Mid-market enterprises are particularly susceptible to cyberattacks due to their limited resources compared to larger organizations. They face the same challenges as their larger counterparts but require more resources to defend themselves. To address these challenges, mid-market businesses need a security portfolio that can protect their operations from cyberattacks and minimize the risk of financial and reputational damage, especially as cyber threats become increasingly sophisticated. This article examines how recent updates to Dell’s security solutions portfolio can help mid-market businesses navigate the evolving threat landscape and enhance their protection capabilities.

Technology advances daily; how can SMB IT resources and processes keep pace? In March 2023, Dell announced its Dell APEX Managed Device Service subscription to help SMBs and midmarket firms keep devices secure and up-to-date. Dell APEX Managed Device Service is available to buy as a month-to-month subscription at $70 per device for SMBs. Techaisle data shows that 83% of SMBs are prioritizing outsourcing their device, security, and overall IT management. At the same time, 62% are increasing their use of as-a-Service technology adoption. With Dell APEX Managed Device Service, SMBs have peace of mind knowing their IT needs are handled with Dell’s industry-leading IT management and support capabilities. From PC management to device security to expert Dell support, all in a flexible monthly subscription, this newest addition to the Dell APEX lineup delivers the immediate value small businesses need to focus on growing their business, not managing IT.

SMBs increasingly depend on information technology and deal with an ever-expanding portfolio of increasingly complex applications and platform technologies. At the same time, these firms are struggling to rein in IT-related expenditures, including staff-related costs. This combination of increased reliance on technology as a critical element of business success, burgeoning complexity, and cost constraint has created a ‘perfect storm’ for using managed services, especially services covering devices and security. As a result, managed services has become an increasingly important force within the SMB IT portfolio because its key attributes tie directly to business and IT challenges. The reasons for this intense (and growing) interest in service delivery are varied and compelling. The top two issues are “to keep IT costs under control” (49%) and “improve security” (38%).